Package com.aducid.web.controller

Class AuthenticationController

java.lang.Object
com.aducid.web.controller.ControllerBase
com.aducid.web.controller.AuthenticationController
All Implemented Interfaces:
org.springframework.beans.factory.Aware, org.springframework.web.context.ServletContextAware
Direct Known Subclasses:
WebPlatformController
public class AuthenticationController
extends ControllerBase

Controller, which serves authentication process. Process itself consists of these methods:

  • setRedirectUrl - sets redirect URL, where to redirect user after successful authentication, if not set configuration value loggedInPage is respected
  • authenticate - starts authentication process, respects configuration values usePersonalFactor and useComfortFactor
  • proxy - asks for authentication process status
  • authenticateCheck - checks authentication result, there are these substeps:
    • getResultNoLFCheck - evaluates authentication result without local factor success check
    • buildPrincipal - builds ADUCID principal from authentication response
    • checkPersonalFactor - checks personal factor value, respects configuration values usePersonalFactor and checkPersonalFactor
    • checkProofing - checks proofing status, respects configuration values checkProofing and checkNotApproved

After successful login, there are authentication data saved in HTTP session as predefined principal attribute. You can use getPrincipal method to access that authentication data. At the end of work, you can destroy web session using one of these methods:

  • logout - starts user logout, respects configuration values logoutPage
  • invalidate - invalidates web session

Created 27. 1. 2017 10:36:17

Author:
Radek Jira

  • Constructor Details

  • Method Details

    • getLoggedInPage

      public java.lang.String getLoggedInPage()

      Returns logged in page.

      Returns:
      logged in page

    • setLoggedInPage

      public void setLoggedInPage​(java.lang.String loggedInPage)

      Sets logged in page.

      Parameters:
      loggedInPage - logged in page

    • getLogoutPage

      public java.lang.String getLogoutPage()

      Returns logout page.

      Returns:
      logout page

    • setLogoutPage

      public void setLogoutPage​(java.lang.String logoutPage)

      Sets logout page.

      Parameters:
      logoutPage - logout page

    • setRedirectUrl

      @RequestMapping("setRedirectUrl") @ResponseBody public java.lang.String setRedirectUrl​(@RequestParam java.lang.String id, @RequestParam java.lang.String redirectUrl, javax.servlet.http.HttpServletRequest httpRequest) throws AducidWebException

      Sets redirect URL.

      Parameters:
      id - identifier
      redirectUrl - redirect URL
      httpRequest - HTTP request
      Returns:
      response as JSON
      Throws:
      AducidWebException - when error occurs during web controller call

    • setErrorPage

      @RequestMapping("setErrorPage") @ResponseBody public java.lang.String setErrorPage​(@RequestParam java.lang.String id, @RequestParam java.lang.String errorPage, javax.servlet.http.HttpServletRequest httpRequest) throws AducidWebException

      Sets error page.

      Parameters:
      id - identifier
      errorPage - error page
      httpRequest - HTTP request
      Returns:
      response as JSON
      Throws:
      AducidWebException - when error occurs during web controller call

    • authenticate

      @RequestMapping("authenticate") @ResponseBody public java.lang.String authenticate​(@RequestParam(required=false) java.lang.String id, @RequestParam(required=false) java.lang.Boolean generateQrCodePicture, javax.servlet.http.HttpServletRequest httpRequest) throws AducidWebException

      Starts authentication operation.

      Parameters:
      id - identifier
      generateQrCodePicture - generate QR code picture flag value
      httpRequest - HTTP request
      Returns:
      request operation result as JSON
      Throws:
      AducidWebException - when error occurs during web controller call

    • authenticateCheck

      @RequestMapping("authenticateCheck") public org.springframework.web.servlet.ModelAndView authenticateCheck​(@RequestParam java.lang.String id, @RequestParam(required=false) java.lang.String authId, @RequestParam(required=false) java.lang.String authKey, javax.servlet.http.HttpServletRequest httpRequest) throws AducidWebException

      Evaluates authentication operation result.

      Parameters:
      id - identifier
      authId - authentication identifier
      authKey - authentication key
      httpRequest - HTTP request
      Returns:
      model and view with redirect URL
      Throws:
      AducidWebException - when error occurs during web controller call

    • proxy

      @RequestMapping("proxy") @ResponseBody public java.lang.String proxy​(@RequestParam java.lang.String id, @RequestParam java.lang.String publicMethod, javax.servlet.http.HttpServletRequest httpRequest) throws AducidWebException

      Calls public R4 method.

      Parameters:
      id - identifier
      publicMethod - public method
      httpRequest - HTTP request
      Returns:
      public method response as JSON
      Throws:
      AducidWebException - when error occurs during web controller call

    • logout

      @RequestMapping(value="logout", method=GET) public java.lang.String logout​(@RequestParam(required=false) java.lang.String id, javax.servlet.http.HttpServletRequest httpRequest, javax.servlet.http.HttpServletResponse httpResponse) throws AducidWebException

      User logout.

      Parameters:
      id - identifier
      httpRequest - HTTP request
      httpResponse - HTTP request
      Returns:
      URL, where to redirect user after successful logout
      Throws:
      AducidWebException - when error occurs during web controller call

    • invalidate

      @RequestMapping(value="invalidate", method=GET) @ResponseBody public java.lang.String invalidate​(javax.servlet.http.HttpServletRequest httpRequest)

      Invalidates HTTP session.

      Parameters:
      httpRequest - HTTP request
      Returns:
      response as JSON

    • isSessionValid

      @RequestMapping(value="isSessionValid", method=GET) @ResponseBody public java.lang.String isSessionValid​(javax.servlet.http.HttpServletRequest httpRequest) throws AducidWebException

      Checks session validity.

      Parameters:
      httpRequest - HTTP request
      Returns:
      response as JSON
      Throws:
      AducidWebException - when error occurs during web controller call

    • getPrincipal

      protected com.aducid.principal.AducidPrincipal getPrincipal​(javax.servlet.http.HttpServletRequest httpRequest) throws AducidWebException

      Returns principal.

      Parameters:
      httpRequest - HTTP request
      Returns:
      principal
      Throws:
      AducidWebException - when error occurs during web controller call

    • getAuthId

      protected java.lang.String getAuthId​(javax.servlet.http.HttpServletRequest httpRequest) throws AducidWebException

      Returns authentication identifier from principal.

      Parameters:
      httpRequest - HTTP request
      Returns:
      authentication identifier
      Throws:
      AducidWebException - when error occurs during web controller call

    • getAuthKey

      protected java.lang.String getAuthKey​(javax.servlet.http.HttpServletRequest httpRequest) throws AducidWebException

      Returns authentication key from principal.

      Parameters:
      httpRequest - HTTP request
      Returns:
      authentication key
      Throws:
      AducidWebException - when error occurs during web controller call

    • getVerifiedLF

      protected java.lang.Boolean getVerifiedLF​(javax.servlet.http.HttpServletRequest httpRequest) throws AducidWebException

      Returns verified LF flag value from principal.

      Parameters:
      httpRequest - HTTP request
      Returns:
      verified LF flag value
      Throws:
      AducidWebException - when error occurs during web controller call

    • buildPrincipal

      protected com.aducid.principal.AducidPrincipal buildPrincipal​(java.lang.String id, com.aducid.sdk.pojo.GetPSLAttributesResponse authData) throws AducidWebException

      Builds principal.

      Parameters:
      id - identifier
      authData - authentication data
      Returns:
      principal
      Throws:
      AducidWebException - when error occurs during web controller call

    • checkResult

      protected void checkResult​(java.lang.String id, java.lang.String authId, java.lang.String authKey, javax.servlet.http.HttpServletRequest httpRequest) throws AducidWebException

      Checks operation result.

      Parameters:
      id - identifier
      authId - authentication identifier
      authKey - authentication key
      httpRequest - HTTP request
      Throws:
      AducidWebException - when error occurs during web controller call

    • checkAccess

      protected void checkAccess​(java.lang.String id, java.lang.String authId, java.lang.String authKey, javax.servlet.http.HttpServletRequest httpRequest) throws AducidWebException

      Checks access.

      Parameters:
      id - identifier
      authId - authentication identifier
      authKey - authentication key
      httpRequest - HTTP request
      Throws:
      AducidWebException - when error occurs during web controller call

    • checkPersonalFactor

      protected void checkPersonalFactor​(java.lang.String id, com.aducid.principal.AducidPrincipal principal, javax.servlet.http.HttpServletRequest httpRequest) throws AducidWebException

      Checks personal factor.

      Parameters:
      id - identifier
      principal - principal
      httpRequest - HTTP request
      Throws:
      AducidWebException - when error occurs during web controller call

    • checkProofing

      protected void checkProofing​(java.lang.String id, com.aducid.principal.AducidPrincipal principal) throws AducidWebException

      Checks proofing.

      Parameters:
      id - identifier
      principal - principal
      Throws:
      AducidWebException - when error occurs during web controller call

    • fixateSession

      protected void fixateSession​(javax.servlet.http.HttpServletRequest httpRequest)

      Fixates session.

      Parameters:
      httpRequest - HTTP request

    • processResponse

      protected org.springframework.web.servlet.ModelAndView processResponse​(java.lang.String id, javax.servlet.http.HttpServletRequest httpRequest) throws AducidWebException

      Processes response.

      Parameters:
      id - identifier
      httpRequest - HTTP request
      Returns:
      model and view
      Throws:
      AducidWebException - when error occurs during web controller call

    • binderLogout

      protected void binderLogout​(javax.servlet.http.HttpServletRequest httpRequest) throws AducidWebException

      Binder logout.

      Parameters:
      httpRequest - HTTP request
      Throws:
      AducidWebException - when error occurs during web controller call